GI Joe - PHP CGI Argument Injection

![7f6641992ecb0a5d4baac6d7cbfc043e.png](0bd831f141674bd788f329b42e9611b6.png) ![87ef2ae30b4c94d89cdeb0a96c386c3e.png](ba63c099b7954418a13475caf0ffb550.png) See GI Joe? CGI? `jh2i.com:50008/cgi-bin/` ![78919976be46b7ba61710ec01d2faa9d.png](270bf9771572434b8626a3c63cd5b6ed.png) Doing some enumeration lead me to: `jh2i.com:50008/?-s` Which allows grabbing of the source code in older versions of PHP ![35f5d7abf247b13e228469b7eb9515fa.png](5078b21618214fbb8a59cc641d1ca500.png) CVE-2012-1823 [https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1823](https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1823) There's a metasploit module to speed up this process ![5693d9c822eaf82d698d05e656f80b9e.png](c9c2025f150c43ffa3b4239ac9f5d985.png) ![e1606342f2d9910f062a60da0fafde9a.png](61c1e11da7d04a498a0e9b2508337547.png) --- Back to [[_WebSite Publish/CTF/CTF Index|CTF Index]] Tags: #ctf #php #cgi #web Related: